3.6 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
0.0004 Low
EPSS
Percentile
5.3%
drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to
modify arbitrary kernel memory locations by leveraging root privileges to
write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this
vulnerability exists because of an incomplete fix for CVE-2010-4347.
Author | Note |
---|---|
apw | note that CONFIG_ACPI_DEBUG must be off before the fixing commit and CONFIG_ACPI_CUSTOM_METHOD must be off after it. Confirmed off in all cases, and CONFIG_ACPI_CUSTOM_METHOD is enforced off. |